Commit Graph

1647 Commits

Author SHA1 Message Date
bcmmbaga
73be8c8a32
fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 19:00:59 +03:00
bcmmbaga
f61c914fd7
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage
# Conflicts:
#	management/server/file_store.go
2024-09-26 18:51:47 +03:00
bcmmbaga
4575ae2841
add store lock
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 18:46:23 +03:00
bcmmbaga
ca6a9fd602
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage 2024-09-26 16:39:52 +03:00
bcmmbaga
871595d15f
Merge branch 'main' into refactor-get-account-by-token
# Conflicts:
#	management/server/sql_store.go
2024-09-26 16:39:17 +03:00
bcmmbaga
30253b0565
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage 2024-09-26 16:34:36 +03:00
bcmmbaga
dc82c2d1ce
fix add missing policy source posture checks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 16:34:19 +03:00
bcmmbaga
3b4bcdf5a4
refactor posture checks save and deletion
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 16:28:49 +03:00
bcmmbaga
87c8430e99
add store policy save and method
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-25 22:47:54 +03:00
Zoltan Papp
4ebf6e1c4c
[client] Close the remote conn in proxy (#2626)
Port the conn close call to eBPF proxy
2024-09-25 18:50:10 +02:00
pascal-fischer
1e4a0f77e2
Add get DB method to store (#2650) 2024-09-25 18:22:27 +02:00
bcmmbaga
c384874d7d
fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-25 15:04:57 +03:00
bcmmbaga
b815393180
fix lint
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-25 13:02:08 +03:00
bcmmbaga
41b212f610
Refactor store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-25 12:53:20 +03:00
bcmmbaga
16174f0478
Refactor route, setupkey, nameserver and dns to get record(s) from store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-25 12:52:42 +03:00
bcmmbaga
d14b855670
Refactor user permissions and retrieves PAT
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-24 22:57:04 +03:00
Viktor Liu
b51d75204b
[client] Anonymize relay address in status peers view (#2640) 2024-09-24 20:58:18 +02:00
Viktor Liu
e7d52c8c95
[client] Fix error count formatting (#2641) 2024-09-24 20:57:56 +02:00
bcmmbaga
eab85644cd
Refactor retrieval of policy and posture checks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-24 21:57:33 +03:00
bcmmbaga
7561706627
add GetGroupByID from store and refactor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-24 19:55:33 +03:00
bcmmbaga
1ffe89d20d
add GetGroupByName from store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-24 16:36:57 +03:00
bcmmbaga
28840383e1
refactor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-24 13:30:13 +03:00
Viktor Liu
ab82302c95
[client] Remove usage of custom dialer for localhost (#2639)
* Downgrade error log level for network monitor warnings

* Do not use custom dialer for localhost
2024-09-24 12:29:15 +02:00
bcmmbaga
d9f612d623
remove locks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-23 20:12:57 +03:00
pascal-fischer
d47be154ea
[misc] Fix ip range posture check example (#2628) 2024-09-23 10:02:03 +02:00
bcmmbaga
7601a17150
fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-22 23:44:10 +03:00
bcmmbaga
8f98adddf6
refactor handlers to use GetAccountIDFromToken
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-22 15:14:31 +03:00
bcmmbaga
26dd045da5
Merge branch 'main' into refactor-get-account-by-token 2024-09-20 14:08:09 +03:00
bcmmbaga
4d9bb7ea35
refactor getAccountWithAuthorizationClaims to return account id
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-20 14:07:44 +03:00
Bethuel Mmbaga
35c892aea3
[management] Restrict accessible peers to user-owned peers for non-admins (#2618)
* Restrict accessible peers to user-owned peers for non-admin users

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add service user test

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* reuse account from token

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* return error when peer not found

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-20 12:36:58 +03:00
Zoltan Papp
fc4b37f7bc
Exit from processConnResults after all tries (#2621)
* Exit from processConnResults after all tries

If all server is unavailable then the server picker never return
because we never close the result channel.
Count the number of the results and exit when we reached the
expected size
2024-09-19 13:49:28 +02:00
Zoltan Papp
6f0fd1d1b3
- Increase queue size and drop the overflowed messages (#2617)
- Explicit close the net.Conn in user space wgProxy when close the wgProxy
- Add extra logs
2024-09-19 13:49:09 +02:00
bcmmbaga
9631cb4fb3
fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 19:05:21 +03:00
bcmmbaga
8f9c54f6c2
remove GetUserByID from account manager
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 17:03:04 +03:00
bcmmbaga
f60a4234b1
revert handles change
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 16:40:47 +03:00
bcmmbaga
021fc8f33e
fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 16:11:20 +03:00
bcmmbaga
a4c4158bcf
Merge branch 'main' into refactor-get-account-by-token 2024-09-18 16:03:55 +03:00
bcmmbaga
720d36a290
refactor getAccountWithAuthorizationClaims
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 15:55:52 +03:00
bcmmbaga
ccab3b427f
refactor getAccountFromToken
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 14:24:39 +03:00
bcmmbaga
e5d55d3c10
refactor handlers to get account when necessary
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-17 23:15:54 +03:00
bcmmbaga
3cf1b02f31
refactor jwt groups extractor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-17 18:18:59 +03:00
Zoltan Papp
28cbb4b70f
[client] Cancel the context of wg watcher when the go routine exit (#2612) 2024-09-17 12:10:17 +02:00
Zoltan Papp
1104c9c048
[client] Fix race condition while read/write conn status in peer conn (#2607) 2024-09-17 11:15:14 +02:00
Maycon Santos
5bc601111d
[relay] Add health check attempt threshold (#2609)
* Add health check attempt threshold for receiver

* Add health check attempt threshold for sender
2024-09-17 10:04:17 +02:00
Zoltan Papp
b74951f29e
[client] Enforce permissions on Win (#2568)
Enforce folder permission on Windows, giving only administrators and system access to the NetBird folder.
2024-09-16 22:42:37 +02:00
Zoltan Papp
97e10e440c
Fix leaked server connections (#2596)
Fix leaked server connections

close unused connections in the client lib
close deprecated connection in the server lib
The Server Picker is reusable in the guard if we want in the future. So we can support the server address changes.

---------

Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>

* Add logging

---------

Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
2024-09-16 16:11:10 +02:00
pascal-fischer
6c50b0c84b
[management] Add transaction to addPeer (#2469)
This PR removes the GetAccount and SaveAccount operations from the AddPeer and instead makes use of gorm.Transaction to add the new peer.
2024-09-16 15:47:03 +02:00
bcmmbaga
258b30cf48
refactor access control middleware and user access by JWT groups
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-16 13:33:36 +03:00
pascal-fischer
730dd1733e
[signal] Fix signal active peers metrics (#2591) 2024-09-15 16:46:55 +02:00
Bethuel Mmbaga
82739e2832
[management] fix legacy decrypting of empty values (#2595)
* allow legacy decrypting on empty values

* validate source size and padding limits

* added tests

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
2024-09-15 16:22:46 +02:00